The embodiments described herein relate to methods and apparatus for using machine learning on multiple file fragments to identify malware. More particularly, the embodiments described herein relate to devices and methods for dividing a file into multiple fragments and using machine learning to identify malicious chunks used to then identify the file as malicious file.
In some known systems, a malware and/or other malicious file can potentially damage or disable a computer(s) and/or computer system(s). In some instances, the malware and/or other malicious file can cause damage to a computer network system and may even lead to disruption of services (for example, distributed denial-of-service (DoS)). Thus, a malware attack can affect the devices connected to the computer network system. Some other types of malware can include program code designed to illegally gather users' personal and/or financial credentials, monitor users' web browsing, display unsolicited advertisements, redirect affiliate marketing revenues and/or the like. Furthermore, recovering a computer network system affected from a malware attack can be difficult and resource-intensive.
Some known devices and methods for malware detection include identifying a malware threat (for example, analyzing a file and/or comparing the file with known malware threats). Malware, however, can be hidden as a small portion of an otherwise benign file (for example, a fragment of a file). In such cases, during the analysis, the file can appear benign and may even pass the malware detection. The hidden malware, however, may eventually affect the computer network system.
Thus, a need exists for improved devices and methods for identifying malware within a portion of a file.